﻿using System;
using System.Data;
using System.Collections.Generic;

namespace LDSP.BRL
{
    public partial class AutoLoginAuthentication : BYFW.BOL.BaseEntity
    {
        public AutoLoginAuthentication()
        {
            m_tableName = "t_autologin_auth";
            m_tblCacheManager.IsEnable = true;
        }

        protected int m_enterpriseId = 0;
        protected int m_userId = 0;
        protected string m_ipAddress = string.Empty;

        /// <summary>
        /// 企业ID
        /// </summary>
        public int EnterpriseId
        {
            get { return m_enterpriseId; }
            set { m_enterpriseId = value; }
        }
        /// <summary>
        /// 用户ID
        /// </summary>
        public int UserId
        {
            get { return m_userId; }
            set { m_userId = value; }
        }
        /// <summary>
        /// IP地址
        /// </summary>
        public string IpAddress
        {
            get { return m_ipAddress; }
            set { m_ipAddress = value; }
        }

        protected override void FillContainer()
        {
            base.FillContainer();
            m_container.Add("enterpriseId", m_enterpriseId);
            m_container.Add("userId", m_userId);
            m_container.Add("ipAddress", m_ipAddress);
        }

        public override bool GetProperties(System.Data.DataRow record)
        {
            if (!base.GetProperties(record))
            {
                return false;
            }
            m_enterpriseId = this.GetIntValue(record, "enterpriseId");
            m_userId = this.GetIntValue(record, "userId");
            m_ipAddress = this.GetStringValue(record, "ipAddress");
            return true;
        }

        /// <summary>
        /// 根据企业名和用户名模糊查找用户
        /// </summary>
        /// <param name="enterprise"></param>
        /// <param name="user"></param>
        /// <returns></returns>
        public DataTable GetRecordsByEnterpriseAndUser(string cond)
        {
            string sql = string.Format(@"select t.id as id, te.code as enterpriseName, tu.code as userName, t.ipAddress as ipAddress
from t_autologin_auth t
inner join t_enterprise te on t.enterpriseId = te.id
left join t_enterpriseuser tu on t.userId = tu.id
{0}", cond);
            return this.DB.Select(sql).Tables[0];
        }

        /// <summary>
        /// 根据用户名和ip地址检查是否允许自动登录。
        /// </summary>
        /// <param name="userName"></param>
        /// <param name="ipAddress"></param>
        /// <returns></returns>
        public bool CheckPermission(string userName, string ipAddress)
        {
            bool allow = false;

            EnterpriseUser user = new EnterpriseUser();
            user.GetProperties(userName);

            int enterpriseId = user.EnterpriseID;
            int userId = user.ID;

            List<AutoLoginAuthentication> authentications = this.GetSpecialList<AutoLoginAuthentication>(null, "enterpriseId", enterpriseId);
            foreach (AutoLoginAuthentication auth in authentications)
            {
                //检查ip地址
                string[] ips = auth.IpAddress.Split(';');
                foreach (string ip in ips)
                {
                    if (ip == ipAddress)
                    {
                        allow = true;
                        break;
                    }
                }

                //检查用户名,找到匹配的用户名或者所有用户名都可以，则表明允许自动登录
                allow = allow && (auth.UserId == 0 || userId == auth.UserId);
                if (allow == true)
                {
                    break;
                }
            }

            return allow;
        }
    }
}